]> git.proxmox.com Git - ovs.git/blob - lib/packets.c
projects / ovs.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
ofp-port: Drop of useless indirection in ofputil_pull_ofp14_port_stats().
[ovs.git] / lib / packets.c
1 /*
2 * Copyright (c) 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016 Nicira, Inc.
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at:
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include <config.h>
18 #include "packets.h"
19 #include <sys/types.h>
20 #include <netinet/in.h>
21 #include <arpa/inet.h>
22 #include <sys/socket.h>
23 #include <netinet/ip6.h>
24 #include <netinet/icmp6.h>
25 #include <stdlib.h>
26 #include <netdb.h>
27 #include "byte-order.h"
28 #include "csum.h"
29 #include "crc32c.h"
30 #include "flow.h"
31 #include "openvswitch/hmap.h"
32 #include "openvswitch/dynamic-string.h"
33 #include "ovs-thread.h"
34 #include "odp-util.h"
35 #include "dp-packet.h"
36 #include "unaligned.h"
37
38 const struct in6_addr in6addr_exact = IN6ADDR_EXACT_INIT;
39 const struct in6_addr in6addr_all_hosts = IN6ADDR_ALL_HOSTS_INIT;
40 const struct in6_addr in6addr_all_routers = IN6ADDR_ALL_ROUTERS_INIT;
41
42 struct in6_addr
43 flow_tnl_dst(const struct flow_tnl *tnl)
44 {
45 return tnl->ip_dst ? in6_addr_mapped_ipv4(tnl->ip_dst) : tnl->ipv6_dst;
46 }
47
48 struct in6_addr
49 flow_tnl_src(const struct flow_tnl *tnl)
50 {
51 return tnl->ip_src ? in6_addr_mapped_ipv4(tnl->ip_src) : tnl->ipv6_src;
52 }
53
54 /* Returns true if 's' consists entirely of hex digits, false otherwise. */
55 static bool
56 is_all_hex(const char *s)
57 {
58 return s[strspn(s, "0123456789abcdefABCDEF")] == '\0';
59 }
60
61 /* Parses 's' as a 16-digit hexadecimal number representing a datapath ID. On
62 * success stores the dpid into '*dpidp' and returns true, on failure stores 0
63 * into '*dpidp' and returns false.
64 *
65 * Rejects an all-zeros dpid as invalid. */
66 bool
67 dpid_from_string(const char *s, uint64_t *dpidp)
68 {
69 size_t len = strlen(s);
70 *dpidp = ((len == 16 && is_all_hex(s))
71 || (len <= 18 && s[0] == '0' && (s[1] == 'x' || s[1] == 'X')
72 && is_all_hex(s + 2))
73 ? strtoull(s, NULL, 16)
74 : 0);
75 return *dpidp != 0;
76 }
77
78 /* Returns true if 'ea' is a reserved address, that a bridge must never
79 * forward, false otherwise.
80 *
81 * If you change this function's behavior, please update corresponding
82 * documentation in vswitch.xml at the same time. */
83 bool
84 eth_addr_is_reserved(const struct eth_addr ea)
85 {
86 struct eth_addr_node {
87 struct hmap_node hmap_node;
88 const uint64_t ea64;
89 };
90
91 static struct eth_addr_node nodes[] = {
92 /* STP, IEEE pause frames, and other reserved protocols. */
93 { HMAP_NODE_NULL_INITIALIZER, 0x0180c2000000ULL },
94 { HMAP_NODE_NULL_INITIALIZER, 0x0180c2000001ULL },
95 { HMAP_NODE_NULL_INITIALIZER, 0x0180c2000002ULL },
96 { HMAP_NODE_NULL_INITIALIZER, 0x0180c2000003ULL },
97 { HMAP_NODE_NULL_INITIALIZER, 0x0180c2000004ULL },
98 { HMAP_NODE_NULL_INITIALIZER, 0x0180c2000005ULL },
99 { HMAP_NODE_NULL_INITIALIZER, 0x0180c2000006ULL },
100 { HMAP_NODE_NULL_INITIALIZER, 0x0180c2000007ULL },
101 { HMAP_NODE_NULL_INITIALIZER, 0x0180c2000008ULL },
102 { HMAP_NODE_NULL_INITIALIZER, 0x0180c2000009ULL },
103 { HMAP_NODE_NULL_INITIALIZER, 0x0180c200000aULL },
104 { HMAP_NODE_NULL_INITIALIZER, 0x0180c200000bULL },
105 { HMAP_NODE_NULL_INITIALIZER, 0x0180c200000cULL },
106 { HMAP_NODE_NULL_INITIALIZER, 0x0180c200000dULL },
107 { HMAP_NODE_NULL_INITIALIZER, 0x0180c200000eULL },
108 { HMAP_NODE_NULL_INITIALIZER, 0x0180c200000fULL },
109
110 /* Extreme protocols. */
111 { HMAP_NODE_NULL_INITIALIZER, 0x00e02b000000ULL }, /* EDP. */
112 { HMAP_NODE_NULL_INITIALIZER, 0x00e02b000004ULL }, /* EAPS. */
113 { HMAP_NODE_NULL_INITIALIZER, 0x00e02b000006ULL }, /* EAPS. */
114
115 /* Cisco protocols. */
116 { HMAP_NODE_NULL_INITIALIZER, 0x01000c000000ULL }, /* ISL. */
117 { HMAP_NODE_NULL_INITIALIZER, 0x01000cccccccULL }, /* PAgP, UDLD, CDP,
118 * DTP, VTP. */
119 { HMAP_NODE_NULL_INITIALIZER, 0x01000ccccccdULL }, /* PVST+. */
120 { HMAP_NODE_NULL_INITIALIZER, 0x01000ccdcdcdULL }, /* STP Uplink Fast,
121 * FlexLink. */
122
123 /* Cisco CFM. */
124 { HMAP_NODE_NULL_INITIALIZER, 0x01000cccccc0ULL },
125 { HMAP_NODE_NULL_INITIALIZER, 0x01000cccccc1ULL },
126 { HMAP_NODE_NULL_INITIALIZER, 0x01000cccccc2ULL },
127 { HMAP_NODE_NULL_INITIALIZER, 0x01000cccccc3ULL },
128 { HMAP_NODE_NULL_INITIALIZER, 0x01000cccccc4ULL },
129 { HMAP_NODE_NULL_INITIALIZER, 0x01000cccccc5ULL },
130 { HMAP_NODE_NULL_INITIALIZER, 0x01000cccccc6ULL },
131 { HMAP_NODE_NULL_INITIALIZER, 0x01000cccccc7ULL },
132 };
133
134 static struct ovsthread_once once = OVSTHREAD_ONCE_INITIALIZER;
135 struct eth_addr_node *node;
136 static struct hmap addrs;
137 uint64_t ea64;
138
139 if (ovsthread_once_start(&once)) {
140 hmap_init(&addrs);
141 for (node = nodes; node < &nodes[ARRAY_SIZE(nodes)]; node++) {
142 hmap_insert(&addrs, &node->hmap_node, hash_uint64(node->ea64));
143 }
144 ovsthread_once_done(&once);
145 }
146
147 ea64 = eth_addr_to_uint64(ea);
148 HMAP_FOR_EACH_IN_BUCKET (node, hmap_node, hash_uint64(ea64), &addrs) {
149 if (node->ea64 == ea64) {
150 return true;
151 }
152 }
153 return false;
154 }
155
156 /* Attempts to parse 's' as an Ethernet address. If successful, stores the
157 * address in 'ea' and returns true, otherwise zeros 'ea' and returns
158 * false. This function checks trailing characters. */
159 bool
160 eth_addr_from_string(const char *s, struct eth_addr *ea)
161 {
162 int n = 0;
163 if (ovs_scan(s, ETH_ADDR_SCAN_FMT"%n", ETH_ADDR_SCAN_ARGS(*ea), &n)
164 && !s[n]) {
165 return true;
166 } else {
167 *ea = eth_addr_zero;
168 return false;
169 }
170 }
171
172 /* Fills 'b' with a Reverse ARP packet with Ethernet source address 'eth_src'.
173 * This function is used by Open vSwitch to compose packets in cases where
174 * context is important but content doesn't (or shouldn't) matter.
175 *
176 * The returned packet has enough headroom to insert an 802.1Q VLAN header if
177 * desired. */
178 void
179 compose_rarp(struct dp_packet *b, const struct eth_addr eth_src)
180 {
181 struct eth_header *eth;
182 struct arp_eth_header *arp;
183
184 dp_packet_clear(b);
185 dp_packet_prealloc_tailroom(b, 2 + ETH_HEADER_LEN + VLAN_HEADER_LEN
186 + ARP_ETH_HEADER_LEN);
187 dp_packet_reserve(b, 2 + VLAN_HEADER_LEN);
188 eth = dp_packet_put_uninit(b, sizeof *eth);
189 eth->eth_dst = eth_addr_broadcast;
190 eth->eth_src = eth_src;
191 eth->eth_type = htons(ETH_TYPE_RARP);
192
193 arp = dp_packet_put_uninit(b, sizeof *arp);
194 arp->ar_hrd = htons(ARP_HRD_ETHERNET);
195 arp->ar_pro = htons(ARP_PRO_IP);
196 arp->ar_hln = sizeof arp->ar_sha;
197 arp->ar_pln = sizeof arp->ar_spa;
198 arp->ar_op = htons(ARP_OP_RARP);
199 arp->ar_sha = eth_src;
200 put_16aligned_be32(&arp->ar_spa, htonl(0));
201 arp->ar_tha = eth_src;
202 put_16aligned_be32(&arp->ar_tpa, htonl(0));
203
204 dp_packet_reset_offsets(b);
205 dp_packet_set_l3(b, arp);
206 b->packet_type = htonl(PT_ETH);
207 }
208
209 /* Insert VLAN header according to given TCI. Packet passed must be Ethernet
210 * packet. Ignores the CFI bit of 'tci' using 0 instead.
211 *
212 * Also adjusts the layer offsets accordingly. */
213 void
214 eth_push_vlan(struct dp_packet *packet, ovs_be16 tpid, ovs_be16 tci)
215 {
216 struct vlan_eth_header *veh;
217
218 /* Insert new 802.1Q header. */
219 veh = dp_packet_resize_l2(packet, VLAN_HEADER_LEN);
220 memmove(veh, (char *)veh + VLAN_HEADER_LEN, 2 * ETH_ADDR_LEN);
221 veh->veth_type = tpid;
222 veh->veth_tci = tci & htons(~VLAN_CFI);
223 }
224
225 /* Removes outermost VLAN header (if any is present) from 'packet'.
226 *
227 * 'packet->l2_5' should initially point to 'packet''s outer-most VLAN header
228 * or may be NULL if there are no VLAN headers. */
229 void
230 eth_pop_vlan(struct dp_packet *packet)
231 {
232 struct vlan_eth_header *veh = dp_packet_eth(packet);
233
234 if (veh && dp_packet_size(packet) >= sizeof *veh
235 && eth_type_vlan(veh->veth_type)) {
236
237 memmove((char *)veh + VLAN_HEADER_LEN, veh, 2 * ETH_ADDR_LEN);
238 dp_packet_resize_l2(packet, -VLAN_HEADER_LEN);
239 }
240 }
241
242 /* Push Ethernet header onto 'packet' assuming it is layer 3 */
243 void
244 push_eth(struct dp_packet *packet, const struct eth_addr *dst,
245 const struct eth_addr *src)
246 {
247 struct eth_header *eh;
248
249 ovs_assert(packet->packet_type != htonl(PT_ETH));
250 eh = dp_packet_resize_l2(packet, ETH_HEADER_LEN);
251 eh->eth_dst = *dst;
252 eh->eth_src = *src;
253 eh->eth_type = pt_ns_type_be(packet->packet_type);
254 packet->packet_type = htonl(PT_ETH);
255 }
256
257 /* Removes Ethernet header, including VLAN header, from 'packet'.
258 *
259 * Previous to calling this function, 'ofpbuf_l3(packet)' must not be NULL */
260 void
261 pop_eth(struct dp_packet *packet)
262 {
263 char *l2_5 = dp_packet_l2_5(packet);
264 char *l3 = dp_packet_l3(packet);
265 ovs_be16 ethertype;
266 int increment;
267
268 ovs_assert(packet->packet_type == htonl(PT_ETH));
269 ovs_assert(l3 != NULL);
270
271 if (l2_5) {
272 increment = packet->l2_5_ofs;
273 ethertype = *(ALIGNED_CAST(ovs_be16 *, (l2_5 - 2)));
274 } else {
275 increment = packet->l3_ofs;
276 ethertype = *(ALIGNED_CAST(ovs_be16 *, (l3 - 2)));
277 }
278
279 dp_packet_resize_l2(packet, -increment);
280 packet->packet_type = PACKET_TYPE_BE(OFPHTN_ETHERTYPE, ntohs(ethertype));
281 }
282
283 /* Set ethertype of the packet. */
284 static void
285 set_ethertype(struct dp_packet *packet, ovs_be16 eth_type)
286 {
287 struct eth_header *eh = dp_packet_eth(packet);
288
289 if (!eh) {
290 return;
291 }
292
293 if (eth_type_vlan(eh->eth_type)) {
294 ovs_be16 *p;
295 char *l2_5 = dp_packet_l2_5(packet);
296
297 p = ALIGNED_CAST(ovs_be16 *,
298 (l2_5 ? l2_5 : (char *)dp_packet_l3(packet)) - 2);
299 *p = eth_type;
300 } else {
301 eh->eth_type = eth_type;
302 }
303 }
304
305 static bool is_mpls(struct dp_packet *packet)
306 {
307 return packet->l2_5_ofs != UINT16_MAX;
308 }
309
310 /* Set time to live (TTL) of an MPLS label stack entry (LSE). */
311 void
312 set_mpls_lse_ttl(ovs_be32 *lse, uint8_t ttl)
313 {
314 *lse &= ~htonl(MPLS_TTL_MASK);
315 *lse |= htonl((ttl << MPLS_TTL_SHIFT) & MPLS_TTL_MASK);
316 }
317
318 /* Set traffic class (TC) of an MPLS label stack entry (LSE). */
319 void
320 set_mpls_lse_tc(ovs_be32 *lse, uint8_t tc)
321 {
322 *lse &= ~htonl(MPLS_TC_MASK);
323 *lse |= htonl((tc << MPLS_TC_SHIFT) & MPLS_TC_MASK);
324 }
325
326 /* Set label of an MPLS label stack entry (LSE). */
327 void
328 set_mpls_lse_label(ovs_be32 *lse, ovs_be32 label)
329 {
330 *lse &= ~htonl(MPLS_LABEL_MASK);
331 *lse |= htonl((ntohl(label) << MPLS_LABEL_SHIFT) & MPLS_LABEL_MASK);
332 }
333
334 /* Set bottom of stack (BoS) bit of an MPLS label stack entry (LSE). */
335 void
336 set_mpls_lse_bos(ovs_be32 *lse, uint8_t bos)
337 {
338 *lse &= ~htonl(MPLS_BOS_MASK);
339 *lse |= htonl((bos << MPLS_BOS_SHIFT) & MPLS_BOS_MASK);
340 }
341
342 /* Compose an MPLS label stack entry (LSE) from its components:
343 * label, traffic class (TC), time to live (TTL) and
344 * bottom of stack (BoS) bit. */
345 ovs_be32
346 set_mpls_lse_values(uint8_t ttl, uint8_t tc, uint8_t bos, ovs_be32 label)
347 {
348 ovs_be32 lse = htonl(0);
349 set_mpls_lse_ttl(&lse, ttl);
350 set_mpls_lse_tc(&lse, tc);
351 set_mpls_lse_bos(&lse, bos);
352 set_mpls_lse_label(&lse, label);
353 return lse;
354 }
355
356 /* Set MPLS label stack entry to outermost MPLS header.*/
357 void
358 set_mpls_lse(struct dp_packet *packet, ovs_be32 mpls_lse)
359 {
360 /* Packet type should be MPLS to set label stack entry. */
361 if (is_mpls(packet)) {
362 struct mpls_hdr *mh = dp_packet_l2_5(packet);
363
364 /* Update mpls label stack entry. */
365 put_16aligned_be32(&mh->mpls_lse, mpls_lse);
366 }
367 }
368
369 /* Push MPLS label stack entry 'lse' onto 'packet' as the outermost MPLS
370 * header. If 'packet' does not already have any MPLS labels, then its
371 * Ethertype is changed to 'ethtype' (which must be an MPLS Ethertype). */
372 void
373 push_mpls(struct dp_packet *packet, ovs_be16 ethtype, ovs_be32 lse)
374 {
375 char * header;
376 size_t len;
377
378 if (!eth_type_mpls(ethtype)) {
379 return;
380 }
381
382 if (!is_mpls(packet)) {
383 /* Set MPLS label stack offset. */
384 packet->l2_5_ofs = packet->l3_ofs;
385 }
386
387 set_ethertype(packet, ethtype);
388
389 /* Push new MPLS shim header onto packet. */
390 len = packet->l2_5_ofs;
391 header = dp_packet_resize_l2_5(packet, MPLS_HLEN);
392 memmove(header, header + MPLS_HLEN, len);
393 memcpy(header + len, &lse, sizeof lse);
394 }
395
396 /* If 'packet' is an MPLS packet, removes its outermost MPLS label stack entry.
397 * If the label that was removed was the only MPLS label, changes 'packet''s
398 * Ethertype to 'ethtype' (which ordinarily should not be an MPLS
399 * Ethertype). */
400 void
401 pop_mpls(struct dp_packet *packet, ovs_be16 ethtype)
402 {
403 if (is_mpls(packet)) {
404 struct mpls_hdr *mh = dp_packet_l2_5(packet);
405 size_t len = packet->l2_5_ofs;
406
407 set_ethertype(packet, ethtype);
408 if (get_16aligned_be32(&mh->mpls_lse) & htonl(MPLS_BOS_MASK)) {
409 dp_packet_set_l2_5(packet, NULL);
410 }
411 /* Shift the l2 header forward. */
412 memmove((char*)dp_packet_data(packet) + MPLS_HLEN, dp_packet_data(packet), len);
413 dp_packet_resize_l2_5(packet, -MPLS_HLEN);
414 }
415 }
416
417 void
418 push_nsh(struct dp_packet *packet, const struct nsh_hdr *nsh_hdr_src)
419 {
420 struct nsh_hdr *nsh;
421 size_t length = nsh_hdr_len(nsh_hdr_src);
422 uint8_t next_proto;
423
424 switch (ntohl(packet->packet_type)) {
425 case PT_ETH:
426 next_proto = NSH_P_ETHERNET;
427 break;
428 case PT_IPV4:
429 next_proto = NSH_P_IPV4;
430 break;
431 case PT_IPV6:
432 next_proto = NSH_P_IPV6;
433 break;
434 case PT_NSH:
435 next_proto = NSH_P_NSH;
436 break;
437 default:
438 OVS_NOT_REACHED();
439 }
440
441 nsh = (struct nsh_hdr *) dp_packet_push_uninit(packet, length);
442 memcpy(nsh, nsh_hdr_src, length);
443 nsh->next_proto = next_proto;
444 packet->packet_type = htonl(PT_NSH);
445 dp_packet_reset_offsets(packet);
446 packet->l3_ofs = 0;
447 }
448
449 bool
450 pop_nsh(struct dp_packet *packet)
451 {
452 struct nsh_hdr *nsh = (struct nsh_hdr *) dp_packet_l3(packet);
453 size_t length;
454 uint32_t next_pt;
455
456 if (packet->packet_type == htonl(PT_NSH) && nsh) {
457 switch (nsh->next_proto) {
458 case NSH_P_ETHERNET:
459 next_pt = PT_ETH;
460 break;
461 case NSH_P_IPV4:
462 next_pt = PT_IPV4;
463 break;
464 case NSH_P_IPV6:
465 next_pt = PT_IPV6;
466 break;
467 case NSH_P_NSH:
468 next_pt = PT_NSH;
469 break;
470 default:
471 /* Unknown inner packet type. Drop packet. */
472 return false;
473 }
474
475 length = nsh_hdr_len(nsh);
476 dp_packet_reset_packet(packet, length);
477 packet->packet_type = htonl(next_pt);
478 /* Packet must be recirculated for further processing. */
479 }
480 return true;
481 }
482
483 /* Converts hex digits in 'hex' to an Ethernet packet in '*packetp'. The
484 * caller must free '*packetp'. On success, returns NULL. On failure, returns
485 * an error message and stores NULL in '*packetp'.
486 *
487 * Aligns the L3 header of '*packetp' on a 32-bit boundary. */
488 const char *
489 eth_from_hex(const char *hex, struct dp_packet **packetp)
490 {
491 struct dp_packet *packet;
492
493 /* Use 2 bytes of headroom to 32-bit align the L3 header. */
494 packet = *packetp = dp_packet_new_with_headroom(strlen(hex) / 2, 2);
495
496 if (dp_packet_put_hex(packet, hex, NULL)[0] != '\0') {
497 dp_packet_delete(packet);
498 *packetp = NULL;
499 return "Trailing garbage in packet data";
500 }
501
502 if (dp_packet_size(packet) < ETH_HEADER_LEN) {
503 dp_packet_delete(packet);
504 *packetp = NULL;
505 return "Packet data too short for Ethernet";
506 }
507
508 return NULL;
509 }
510
511 void
512 eth_format_masked(const struct eth_addr eth,
513 const struct eth_addr *mask, struct ds *s)
514 {
515 ds_put_format(s, ETH_ADDR_FMT, ETH_ADDR_ARGS(eth));
516 if (mask && !eth_mask_is_exact(*mask)) {
517 ds_put_format(s, "/"ETH_ADDR_FMT, ETH_ADDR_ARGS(*mask));
518 }
519 }
520
521 /* Given the IP netmask 'netmask', returns the number of bits of the IP address
522 * that it specifies, that is, the number of 1-bits in 'netmask'.
523 *
524 * If 'netmask' is not a CIDR netmask (see ip_is_cidr()), the return value will
525 * still be in the valid range but isn't otherwise meaningful. */
526 int
527 ip_count_cidr_bits(ovs_be32 netmask)
528 {
529 return 32 - ctz32(ntohl(netmask));
530 }
531
532 void
533 ip_format_masked(ovs_be32 ip, ovs_be32 mask, struct ds *s)
534 {
535 ds_put_format(s, IP_FMT, IP_ARGS(ip));
536 if (mask != OVS_BE32_MAX) {
537 if (ip_is_cidr(mask)) {
538 ds_put_format(s, "/%d", ip_count_cidr_bits(mask));
539 } else {
540 ds_put_format(s, "/"IP_FMT, IP_ARGS(mask));
541 }
542 }
543 }
544
545 /* Parses string 's', which must be an IP address. Stores the IP address into
546 * '*ip'. Returns true if successful, otherwise false. */
547 bool
548 ip_parse(const char *s, ovs_be32 *ip)
549 {
550 return inet_pton(AF_INET, s, ip) == 1;
551 }
552
553 /* Parses string 's', which must be an IP address with a port number
554 * with ":" as a separator (e.g.: 192.168.1.2:80).
555 * Stores the IP address into '*ip' and port number to '*port'.
556 *
557 * Returns NULL if successful, otherwise an error message that the caller must
558 * free(). */
559 char * OVS_WARN_UNUSED_RESULT
560 ip_parse_port(const char *s, ovs_be32 *ip, ovs_be16 *port)
561 {
562 int n = 0;
563 if (ovs_scan(s, IP_PORT_SCAN_FMT"%n", IP_PORT_SCAN_ARGS(ip, port), &n)
564 && !s[n]) {
565 return NULL;
566 }
567
568 return xasprintf("%s: invalid IP address or port number", s);
569 }
570
571 /* Parses string 's', which must be an IP address with an optional netmask or
572 * CIDR prefix length. Stores the IP address into '*ip', netmask into '*mask',
573 * (255.255.255.255, if 's' lacks a netmask), and number of scanned characters
574 * into '*n'.
575 *
576 * Returns NULL if successful, otherwise an error message that the caller must
577 * free(). */
578 char * OVS_WARN_UNUSED_RESULT
579 ip_parse_masked_len(const char *s, int *n, ovs_be32 *ip,
580 ovs_be32 *mask)
581 {
582 int prefix;
583
584 if (ovs_scan_len(s, n, IP_SCAN_FMT"/"IP_SCAN_FMT,
585 IP_SCAN_ARGS(ip), IP_SCAN_ARGS(mask))) {
586 /* OK. */
587 } else if (ovs_scan_len(s, n, IP_SCAN_FMT"/%d",
588 IP_SCAN_ARGS(ip), &prefix)) {
589 if (prefix < 0 || prefix > 32) {
590 return xasprintf("%s: IPv4 network prefix bits not between 0 and "
591 "32, inclusive", s);
592 }
593 *mask = be32_prefix_mask(prefix);
594 } else if (ovs_scan_len(s, n, IP_SCAN_FMT, IP_SCAN_ARGS(ip))) {
595 *mask = OVS_BE32_MAX;
596 } else {
597 return xasprintf("%s: invalid IP address", s);
598 }
599 return NULL;
600 }
601
602 /* This function is similar to ip_parse_masked_len(), but doesn't return the
603 * number of scanned characters and expects 's' to end after the ip/(optional)
604 * mask.
605 *
606 * Returns NULL if successful, otherwise an error message that the caller must
607 * free(). */
608 char * OVS_WARN_UNUSED_RESULT
609 ip_parse_masked(const char *s, ovs_be32 *ip, ovs_be32 *mask)
610 {
611 int n = 0;
612
613 char *error = ip_parse_masked_len(s, &n, ip, mask);
614 if (!error && s[n]) {
615 return xasprintf("%s: invalid IP address", s);
616 }
617 return error;
618 }
619
620 /* Similar to ip_parse_masked_len(), but the mask, if present, must be a CIDR
621 * mask and is returned as a prefix len in '*plen'. */
622 char * OVS_WARN_UNUSED_RESULT
623 ip_parse_cidr_len(const char *s, int *n, ovs_be32 *ip, unsigned int *plen)
624 {
625 ovs_be32 mask;
626 char *error;
627
628 error = ip_parse_masked_len(s, n, ip, &mask);
629 if (error) {
630 return error;
631 }
632
633 if (!ip_is_cidr(mask)) {
634 return xasprintf("%s: CIDR network required", s);
635 }
636 *plen = ip_count_cidr_bits(mask);
637 return NULL;
638 }
639
640 /* Similar to ip_parse_cidr_len(), but doesn't return the number of scanned
641 * characters and expects 's' to be NULL terminated at the end of the
642 * ip/(optional) cidr. */
643 char * OVS_WARN_UNUSED_RESULT
644 ip_parse_cidr(const char *s, ovs_be32 *ip, unsigned int *plen)
645 {
646 int n = 0;
647
648 char *error = ip_parse_cidr_len(s, &n, ip, plen);
649 if (!error && s[n]) {
650 return xasprintf("%s: invalid IP address", s);
651 }
652 return error;
653 }
654
655 /* Parses string 's', which must be an IPv6 address. Stores the IPv6 address
656 * into '*ip'. Returns true if successful, otherwise false. */
657 bool
658 ipv6_parse(const char *s, struct in6_addr *ip)
659 {
660 return inet_pton(AF_INET6, s, ip) == 1;
661 }
662
663 /* Parses string 's', which must be an IPv6 address with an optional netmask or
664 * CIDR prefix length. Stores the IPv6 address into '*ip' and the netmask into
665 * '*mask' (if 's' does not contain a netmask, all-one-bits is assumed), and
666 * number of scanned characters into '*n'.
667 *
668 * Returns NULL if successful, otherwise an error message that the caller must
669 * free(). */
670 char * OVS_WARN_UNUSED_RESULT
671 ipv6_parse_masked_len(const char *s, int *n, struct in6_addr *ip,
672 struct in6_addr *mask)
673 {
674 char ipv6_s[IPV6_SCAN_LEN + 1];
675 int prefix;
676
677 if (ovs_scan_len(s, n, " "IPV6_SCAN_FMT, ipv6_s)
678 && ipv6_parse(ipv6_s, ip)) {
679 if (ovs_scan_len(s, n, "/%d", &prefix)) {
680 if (prefix < 0 || prefix > 128) {
681 return xasprintf("%s: IPv6 network prefix bits not between 0 "
682 "and 128, inclusive", s);
683 }
684 *mask = ipv6_create_mask(prefix);
685 } else if (ovs_scan_len(s, n, "/"IPV6_SCAN_FMT, ipv6_s)) {
686 if (!ipv6_parse(ipv6_s, mask)) {
687 return xasprintf("%s: Invalid IPv6 mask", s);
688 }
689 /* OK. */
690 } else {
691 /* OK. No mask. */
692 *mask = in6addr_exact;
693 }
694 return NULL;
695 }
696 return xasprintf("%s: invalid IPv6 address", s);
697 }
698
699 /* This function is similar to ipv6_parse_masked_len(), but doesn't return the
700 * number of scanned characters and expects 's' to end following the
701 * ipv6/(optional) mask. */
702 char * OVS_WARN_UNUSED_RESULT
703 ipv6_parse_masked(const char *s, struct in6_addr *ip, struct in6_addr *mask)
704 {
705 int n = 0;
706
707 char *error = ipv6_parse_masked_len(s, &n, ip, mask);
708 if (!error && s[n]) {
709 return xasprintf("%s: invalid IPv6 address", s);
710 }
711 return error;
712 }
713
714 /* Similar to ipv6_parse_masked_len(), but the mask, if present, must be a CIDR
715 * mask and is returned as a prefix length in '*plen'. */
716 char * OVS_WARN_UNUSED_RESULT
717 ipv6_parse_cidr_len(const char *s, int *n, struct in6_addr *ip,
718 unsigned int *plen)
719 {
720 struct in6_addr mask;
721 char *error;
722
723 error = ipv6_parse_masked_len(s, n, ip, &mask);
724 if (error) {
725 return error;
726 }
727
728 if (!ipv6_is_cidr(&mask)) {
729 return xasprintf("%s: IPv6 CIDR network required", s);
730 }
731 *plen = ipv6_count_cidr_bits(&mask);
732 return NULL;
733 }
734
735 /* Similar to ipv6_parse_cidr_len(), but doesn't return the number of scanned
736 * characters and expects 's' to end after the ipv6/(optional) cidr. */
737 char * OVS_WARN_UNUSED_RESULT
738 ipv6_parse_cidr(const char *s, struct in6_addr *ip, unsigned int *plen)
739 {
740 int n = 0;
741
742 char *error = ipv6_parse_cidr_len(s, &n, ip, plen);
743 if (!error && s[n]) {
744 return xasprintf("%s: invalid IPv6 address", s);
745 }
746 return error;
747 }
748
749 /* Stores the string representation of the IPv6 address 'addr' into the
750 * character array 'addr_str', which must be at least INET6_ADDRSTRLEN
751 * bytes long. */
752 void
753 ipv6_format_addr(const struct in6_addr *addr, struct ds *s)
754 {
755 char *dst;
756
757 ds_reserve(s, s->length + INET6_ADDRSTRLEN);
758
759 dst = s->string + s->length;
760 inet_ntop(AF_INET6, addr, dst, INET6_ADDRSTRLEN);
761 s->length += strlen(dst);
762 }
763
764 /* Same as print_ipv6_addr, but optionally encloses the address in square
765 * brackets. */
766 void
767 ipv6_format_addr_bracket(const struct in6_addr *addr, struct ds *s,
768 bool bracket)
769 {
770 if (bracket) {
771 ds_put_char(s, '[');
772 }
773 ipv6_format_addr(addr, s);
774 if (bracket) {
775 ds_put_char(s, ']');
776 }
777 }
778
779 void
780 ipv6_format_mapped(const struct in6_addr *addr, struct ds *s)
781 {
782 if (IN6_IS_ADDR_V4MAPPED(addr)) {
783 ds_put_format(s, IP_FMT, addr->s6_addr[12], addr->s6_addr[13],
784 addr->s6_addr[14], addr->s6_addr[15]);
785 } else {
786 ipv6_format_addr(addr, s);
787 }
788 }
789
790 void
791 ipv6_format_masked(const struct in6_addr *addr, const struct in6_addr *mask,
792 struct ds *s)
793 {
794 ipv6_format_addr(addr, s);
795 if (mask && !ipv6_mask_is_exact(mask)) {
796 if (ipv6_is_cidr(mask)) {
797 int cidr_bits = ipv6_count_cidr_bits(mask);
798 ds_put_format(s, "/%d", cidr_bits);
799 } else {
800 ds_put_char(s, '/');
801 ipv6_format_addr(mask, s);
802 }
803 }
804 }
805
806 /* Stores the string representation of the IPv6 address 'addr' into the
807 * character array 'addr_str', which must be at least INET6_ADDRSTRLEN
808 * bytes long. If addr is IPv4-mapped, store an IPv4 dotted-decimal string. */
809 const char *
810 ipv6_string_mapped(char *addr_str, const struct in6_addr *addr)
811 {
812 ovs_be32 ip;
813 ip = in6_addr_get_mapped_ipv4(addr);
814 if (ip) {
815 return inet_ntop(AF_INET, &ip, addr_str, INET6_ADDRSTRLEN);
816 } else {
817 return inet_ntop(AF_INET6, addr, addr_str, INET6_ADDRSTRLEN);
818 }
819 }
820
821 #ifdef s6_addr32
822 #define s6_addrX s6_addr32
823 #define IPV6_FOR_EACH(VAR) for (int VAR = 0; VAR < 4; VAR++)
824 #else
825 #define s6_addrX s6_addr
826 #define IPV6_FOR_EACH(VAR) for (int VAR = 0; VAR < 16; VAR++)
827 #endif
828
829 struct in6_addr
830 ipv6_addr_bitand(const struct in6_addr *a, const struct in6_addr *b)
831 {
832 struct in6_addr dst;
833 IPV6_FOR_EACH (i) {
834 dst.s6_addrX[i] = a->s6_addrX[i] & b->s6_addrX[i];
835 }
836 return dst;
837 }
838
839 struct in6_addr
840 ipv6_addr_bitxor(const struct in6_addr *a, const struct in6_addr *b)
841 {
842 struct in6_addr dst;
843 IPV6_FOR_EACH (i) {
844 dst.s6_addrX[i] = a->s6_addrX[i] ^ b->s6_addrX[i];
845 }
846 return dst;
847 }
848
849 bool
850 ipv6_is_zero(const struct in6_addr *a)
851 {
852 IPV6_FOR_EACH (i) {
853 if (a->s6_addrX[i]) {
854 return false;
855 }
856 }
857 return true;
858 }
859
860 /* Returns an in6_addr consisting of 'mask' high-order 1-bits and 128-N
861 * low-order 0-bits. */
862 struct in6_addr
863 ipv6_create_mask(int mask)
864 {
865 struct in6_addr netmask;
866 uint8_t *netmaskp = &netmask.s6_addr[0];
867
868 memset(&netmask, 0, sizeof netmask);
869 while (mask > 8) {
870 *netmaskp = 0xff;
871 netmaskp++;
872 mask -= 8;
873 }
874
875 if (mask) {
876 *netmaskp = 0xff << (8 - mask);
877 }
878
879 return netmask;
880 }
881
882 /* Given the IPv6 netmask 'netmask', returns the number of bits of the IPv6
883 * address that it specifies, that is, the number of 1-bits in 'netmask'.
884 * 'netmask' must be a CIDR netmask (see ipv6_is_cidr()).
885 *
886 * If 'netmask' is not a CIDR netmask (see ipv6_is_cidr()), the return value
887 * will still be in the valid range but isn't otherwise meaningful. */
888 int
889 ipv6_count_cidr_bits(const struct in6_addr *netmask)
890 {
891 int i;
892 int count = 0;
893 const uint8_t *netmaskp = &netmask->s6_addr[0];
894
895 for (i=0; i<16; i++) {
896 if (netmaskp[i] == 0xff) {
897 count += 8;
898 } else {
899 uint8_t nm;
900
901 for(nm = netmaskp[i]; nm; nm <<= 1) {
902 count++;
903 }
904 break;
905 }
906
907 }
908
909 return count;
910 }
911
912 /* Returns true if 'netmask' is a CIDR netmask, that is, if it consists of N
913 * high-order 1-bits and 128-N low-order 0-bits. */
914 bool
915 ipv6_is_cidr(const struct in6_addr *netmask)
916 {
917 const uint8_t *netmaskp = &netmask->s6_addr[0];
918 int i;
919
920 for (i=0; i<16; i++) {
921 if (netmaskp[i] != 0xff) {
922 uint8_t x = ~netmaskp[i];
923 if (x & (x + 1)) {
924 return false;
925 }
926 while (++i < 16) {
927 if (netmaskp[i]) {
928 return false;
929 }
930 }
931 }
932 }
933
934 return true;
935 }
936
937 /* Populates 'b' with an Ethernet II packet headed with the given 'eth_dst',
938 * 'eth_src' and 'eth_type' parameters. A payload of 'size' bytes is allocated
939 * in 'b' and returned. This payload may be populated with appropriate
940 * information by the caller. Sets 'b''s 'frame' pointer and 'l3' offset to
941 * the Ethernet header and payload respectively. Aligns b->l3 on a 32-bit
942 * boundary.
943 *
944 * The returned packet has enough headroom to insert an 802.1Q VLAN header if
945 * desired. */
946 void *
947 eth_compose(struct dp_packet *b, const struct eth_addr eth_dst,
948 const struct eth_addr eth_src, uint16_t eth_type,
949 size_t size)
950 {
951 void *data;
952 struct eth_header *eth;
953
954 dp_packet_clear(b);
955
956 /* The magic 2 here ensures that the L3 header (when it is added later)
957 * will be 32-bit aligned. */
958 dp_packet_prealloc_tailroom(b, 2 + ETH_HEADER_LEN + VLAN_HEADER_LEN + size);
959 dp_packet_reserve(b, 2 + VLAN_HEADER_LEN);
960 eth = dp_packet_put_uninit(b, ETH_HEADER_LEN);
961 data = dp_packet_put_zeros(b, size);
962
963 eth->eth_dst = eth_dst;
964 eth->eth_src = eth_src;
965 eth->eth_type = htons(eth_type);
966
967 b->packet_type = htonl(PT_ETH);
968 dp_packet_reset_offsets(b);
969 dp_packet_set_l3(b, data);
970
971 return data;
972 }
973
974 void
975 packet_set_ipv4_addr(struct dp_packet *packet,
976 ovs_16aligned_be32 *addr, ovs_be32 new_addr)
977 {
978 struct ip_header *nh = dp_packet_l3(packet);
979 ovs_be32 old_addr = get_16aligned_be32(addr);
980 size_t l4_size = dp_packet_l4_size(packet);
981
982 if (nh->ip_proto == IPPROTO_TCP && l4_size >= TCP_HEADER_LEN) {
983 struct tcp_header *th = dp_packet_l4(packet);
984
985 th->tcp_csum = recalc_csum32(th->tcp_csum, old_addr, new_addr);
986 } else if (nh->ip_proto == IPPROTO_UDP && l4_size >= UDP_HEADER_LEN ) {
987 struct udp_header *uh = dp_packet_l4(packet);
988
989 if (uh->udp_csum) {
990 uh->udp_csum = recalc_csum32(uh->udp_csum, old_addr, new_addr);
991 if (!uh->udp_csum) {
992 uh->udp_csum = htons(0xffff);
993 }
994 }
995 }
996 nh->ip_csum = recalc_csum32(nh->ip_csum, old_addr, new_addr);
997 put_16aligned_be32(addr, new_addr);
998 }
999
1000 /* Returns true, if packet contains at least one routing header where
1001 * segements_left > 0.
1002 *
1003 * This function assumes that L3 and L4 offsets are set in the packet. */
1004 static bool
1005 packet_rh_present(struct dp_packet *packet, uint8_t *nexthdr)
1006 {
1007 const struct ovs_16aligned_ip6_hdr *nh;
1008 size_t len;
1009 size_t remaining;
1010 uint8_t *data = dp_packet_l3(packet);
1011
1012 remaining = packet->l4_ofs - packet->l3_ofs;
1013 if (remaining < sizeof *nh) {
1014 return false;
1015 }
1016 nh = ALIGNED_CAST(struct ovs_16aligned_ip6_hdr *, data);
1017 data += sizeof *nh;
1018 remaining -= sizeof *nh;
1019 *nexthdr = nh->ip6_nxt;
1020
1021 while (1) {
1022 if ((*nexthdr != IPPROTO_HOPOPTS)
1023 && (*nexthdr != IPPROTO_ROUTING)
1024 && (*nexthdr != IPPROTO_DSTOPTS)
1025 && (*nexthdr != IPPROTO_AH)
1026 && (*nexthdr != IPPROTO_FRAGMENT)) {
1027 /* It's either a terminal header (e.g., TCP, UDP) or one we
1028 * don't understand. In either case, we're done with the
1029 * packet, so use it to fill in 'nw_proto'. */
1030 break;
1031 }
1032
1033 /* We only verify that at least 8 bytes of the next header are
1034 * available, but many of these headers are longer. Ensure that
1035 * accesses within the extension header are within those first 8
1036 * bytes. All extension headers are required to be at least 8
1037 * bytes. */
1038 if (remaining < 8) {
1039 return false;
1040 }
1041
1042 if (*nexthdr == IPPROTO_AH) {
1043 /* A standard AH definition isn't available, but the fields
1044 * we care about are in the same location as the generic
1045 * option header--only the header length is calculated
1046 * differently. */
1047 const struct ip6_ext *ext_hdr = (struct ip6_ext *)data;
1048
1049 *nexthdr = ext_hdr->ip6e_nxt;
1050 len = (ext_hdr->ip6e_len + 2) * 4;
1051 } else if (*nexthdr == IPPROTO_FRAGMENT) {
1052 const struct ovs_16aligned_ip6_frag *frag_hdr
1053 = ALIGNED_CAST(struct ovs_16aligned_ip6_frag *, data);
1054
1055 *nexthdr = frag_hdr->ip6f_nxt;
1056 len = sizeof *frag_hdr;
1057 } else if (*nexthdr == IPPROTO_ROUTING) {
1058 const struct ip6_rthdr *rh = (struct ip6_rthdr *)data;
1059
1060 if (rh->ip6r_segleft > 0) {
1061 return true;
1062 }
1063
1064 *nexthdr = rh->ip6r_nxt;
1065 len = (rh->ip6r_len + 1) * 8;
1066 } else {
1067 const struct ip6_ext *ext_hdr = (struct ip6_ext *)data;
1068
1069 *nexthdr = ext_hdr->ip6e_nxt;
1070 len = (ext_hdr->ip6e_len + 1) * 8;
1071 }
1072
1073 if (remaining < len) {
1074 return false;
1075 }
1076 remaining -= len;
1077 data += len;
1078 }
1079
1080 return false;
1081 }
1082
1083 static void
1084 packet_update_csum128(struct dp_packet *packet, uint8_t proto,
1085 ovs_16aligned_be32 addr[4],
1086 const struct in6_addr *new_addr)
1087 {
1088 size_t l4_size = dp_packet_l4_size(packet);
1089
1090 if (proto == IPPROTO_TCP && l4_size >= TCP_HEADER_LEN) {
1091 struct tcp_header *th = dp_packet_l4(packet);
1092
1093 th->tcp_csum = recalc_csum128(th->tcp_csum, addr, new_addr);
1094 } else if (proto == IPPROTO_UDP && l4_size >= UDP_HEADER_LEN) {
1095 struct udp_header *uh = dp_packet_l4(packet);
1096
1097 if (uh->udp_csum) {
1098 uh->udp_csum = recalc_csum128(uh->udp_csum, addr, new_addr);
1099 if (!uh->udp_csum) {
1100 uh->udp_csum = htons(0xffff);
1101 }
1102 }
1103 } else if (proto == IPPROTO_ICMPV6 &&
1104 l4_size >= sizeof(struct icmp6_header)) {
1105 struct icmp6_header *icmp = dp_packet_l4(packet);
1106
1107 icmp->icmp6_cksum = recalc_csum128(icmp->icmp6_cksum, addr, new_addr);
1108 }
1109 }
1110
1111 void
1112 packet_set_ipv6_addr(struct dp_packet *packet, uint8_t proto,
1113 ovs_16aligned_be32 addr[4],
1114 const struct in6_addr *new_addr,
1115 bool recalculate_csum)
1116 {
1117 if (recalculate_csum) {
1118 packet_update_csum128(packet, proto, addr, new_addr);
1119 }
1120 memcpy(addr, new_addr, sizeof(ovs_be32[4]));
1121 }
1122
1123 static void
1124 packet_set_ipv6_flow_label(ovs_16aligned_be32 *flow_label, ovs_be32 flow_key)
1125 {
1126 ovs_be32 old_label = get_16aligned_be32(flow_label);
1127 ovs_be32 new_label = (old_label & htonl(~IPV6_LABEL_MASK)) | flow_key;
1128 put_16aligned_be32(flow_label, new_label);
1129 }
1130
1131 static void
1132 packet_set_ipv6_tc(ovs_16aligned_be32 *flow_label, uint8_t tc)
1133 {
1134 ovs_be32 old_label = get_16aligned_be32(flow_label);
1135 ovs_be32 new_label = (old_label & htonl(0xF00FFFFF)) | htonl(tc << 20);
1136 put_16aligned_be32(flow_label, new_label);
1137 }
1138
1139 /* Modifies the IPv4 header fields of 'packet' to be consistent with 'src',
1140 * 'dst', 'tos', and 'ttl'. Updates 'packet''s L4 checksums as appropriate.
1141 * 'packet' must contain a valid IPv4 packet with correctly populated l[347]
1142 * markers. */
1143 void
1144 packet_set_ipv4(struct dp_packet *packet, ovs_be32 src, ovs_be32 dst,
1145 uint8_t tos, uint8_t ttl)
1146 {
1147 struct ip_header *nh = dp_packet_l3(packet);
1148
1149 if (get_16aligned_be32(&nh->ip_src) != src) {
1150 packet_set_ipv4_addr(packet, &nh->ip_src, src);
1151 }
1152
1153 if (get_16aligned_be32(&nh->ip_dst) != dst) {
1154 packet_set_ipv4_addr(packet, &nh->ip_dst, dst);
1155 }
1156
1157 if (nh->ip_tos != tos) {
1158 uint8_t *field = &nh->ip_tos;
1159
1160 nh->ip_csum = recalc_csum16(nh->ip_csum, htons((uint16_t) *field),
1161 htons((uint16_t) tos));
1162 *field = tos;
1163 }
1164
1165 if (nh->ip_ttl != ttl) {
1166 uint8_t *field = &nh->ip_ttl;
1167
1168 nh->ip_csum = recalc_csum16(nh->ip_csum, htons(*field << 8),
1169 htons(ttl << 8));
1170 *field = ttl;
1171 }
1172 }
1173
1174 /* Modifies the IPv6 header fields of 'packet' to be consistent with 'src',
1175 * 'dst', 'traffic class', and 'next hop'. Updates 'packet''s L4 checksums as
1176 * appropriate. 'packet' must contain a valid IPv6 packet with correctly
1177 * populated l[34] offsets. */
1178 void
1179 packet_set_ipv6(struct dp_packet *packet, const struct in6_addr *src,
1180 const struct in6_addr *dst, uint8_t key_tc, ovs_be32 key_fl,
1181 uint8_t key_hl)
1182 {
1183 struct ovs_16aligned_ip6_hdr *nh = dp_packet_l3(packet);
1184 uint8_t proto = 0;
1185 bool rh_present;
1186
1187 rh_present = packet_rh_present(packet, &proto);
1188
1189 if (memcmp(&nh->ip6_src, src, sizeof(ovs_be32[4]))) {
1190 packet_set_ipv6_addr(packet, proto, nh->ip6_src.be32, src, true);
1191 }
1192
1193 if (memcmp(&nh->ip6_dst, dst, sizeof(ovs_be32[4]))) {
1194 packet_set_ipv6_addr(packet, proto, nh->ip6_dst.be32, dst,
1195 !rh_present);
1196 }
1197
1198 packet_set_ipv6_tc(&nh->ip6_flow, key_tc);
1199 packet_set_ipv6_flow_label(&nh->ip6_flow, key_fl);
1200 nh->ip6_hlim = key_hl;
1201 }
1202
1203 static void
1204 packet_set_port(ovs_be16 *port, ovs_be16 new_port, ovs_be16 *csum)
1205 {
1206 if (*port != new_port) {
1207 *csum = recalc_csum16(*csum, *port, new_port);
1208 *port = new_port;
1209 }
1210 }
1211
1212 /* Sets the TCP source and destination port ('src' and 'dst' respectively) of
1213 * the TCP header contained in 'packet'. 'packet' must be a valid TCP packet
1214 * with its l4 offset properly populated. */
1215 void
1216 packet_set_tcp_port(struct dp_packet *packet, ovs_be16 src, ovs_be16 dst)
1217 {
1218 struct tcp_header *th = dp_packet_l4(packet);
1219
1220 packet_set_port(&th->tcp_src, src, &th->tcp_csum);
1221 packet_set_port(&th->tcp_dst, dst, &th->tcp_csum);
1222 }
1223
1224 /* Sets the UDP source and destination port ('src' and 'dst' respectively) of
1225 * the UDP header contained in 'packet'. 'packet' must be a valid UDP packet
1226 * with its l4 offset properly populated. */
1227 void
1228 packet_set_udp_port(struct dp_packet *packet, ovs_be16 src, ovs_be16 dst)
1229 {
1230 struct udp_header *uh = dp_packet_l4(packet);
1231
1232 if (uh->udp_csum) {
1233 packet_set_port(&uh->udp_src, src, &uh->udp_csum);
1234 packet_set_port(&uh->udp_dst, dst, &uh->udp_csum);
1235
1236 if (!uh->udp_csum) {
1237 uh->udp_csum = htons(0xffff);
1238 }
1239 } else {
1240 uh->udp_src = src;
1241 uh->udp_dst = dst;
1242 }
1243 }
1244
1245 /* Sets the SCTP source and destination port ('src' and 'dst' respectively) of
1246 * the SCTP header contained in 'packet'. 'packet' must be a valid SCTP packet
1247 * with its l4 offset properly populated. */
1248 void
1249 packet_set_sctp_port(struct dp_packet *packet, ovs_be16 src, ovs_be16 dst)
1250 {
1251 struct sctp_header *sh = dp_packet_l4(packet);
1252 ovs_be32 old_csum, old_correct_csum, new_csum;
1253 uint16_t tp_len = dp_packet_l4_size(packet);
1254
1255 old_csum = get_16aligned_be32(&sh->sctp_csum);
1256 put_16aligned_be32(&sh->sctp_csum, 0);
1257 old_correct_csum = crc32c((void *)sh, tp_len);
1258
1259 sh->sctp_src = src;
1260 sh->sctp_dst = dst;
1261
1262 new_csum = crc32c((void *)sh, tp_len);
1263 put_16aligned_be32(&sh->sctp_csum, old_csum ^ old_correct_csum ^ new_csum);
1264 }
1265
1266 /* Sets the ICMP type and code of the ICMP header contained in 'packet'.
1267 * 'packet' must be a valid ICMP packet with its l4 offset properly
1268 * populated. */
1269 void
1270 packet_set_icmp(struct dp_packet *packet, uint8_t type, uint8_t code)
1271 {
1272 struct icmp_header *ih = dp_packet_l4(packet);
1273 ovs_be16 orig_tc = htons(ih->icmp_type << 8 | ih->icmp_code);
1274 ovs_be16 new_tc = htons(type << 8 | code);
1275
1276 if (orig_tc != new_tc) {
1277 ih->icmp_type = type;
1278 ih->icmp_code = code;
1279
1280 ih->icmp_csum = recalc_csum16(ih->icmp_csum, orig_tc, new_tc);
1281 }
1282 }
1283
1284 void
1285 packet_set_nd(struct dp_packet *packet, const struct in6_addr *target,
1286 const struct eth_addr sll, const struct eth_addr tll)
1287 {
1288 struct ovs_nd_msg *ns;
1289 struct ovs_nd_lla_opt *opt;
1290 int bytes_remain = dp_packet_l4_size(packet);
1291
1292 if (OVS_UNLIKELY(bytes_remain < sizeof(*ns))) {
1293 return;
1294 }
1295
1296 ns = dp_packet_l4(packet);
1297 opt = &ns->options[0];
1298 bytes_remain -= sizeof(*ns);
1299
1300 if (memcmp(&ns->target, target, sizeof(ovs_be32[4]))) {
1301 packet_set_ipv6_addr(packet, IPPROTO_ICMPV6, ns->target.be32, target,
1302 true);
1303 }
1304
1305 while (bytes_remain >= ND_LLA_OPT_LEN && opt->len != 0) {
1306 if (opt->type == ND_OPT_SOURCE_LINKADDR && opt->len == 1) {
1307 if (!eth_addr_equals(opt->mac, sll)) {
1308 ovs_be16 *csum = &(ns->icmph.icmp6_cksum);
1309
1310 *csum = recalc_csum48(*csum, opt->mac, sll);
1311 opt->mac = sll;
1312 }
1313
1314 /* A packet can only contain one SLL or TLL option */
1315 break;
1316 } else if (opt->type == ND_OPT_TARGET_LINKADDR && opt->len == 1) {
1317 if (!eth_addr_equals(opt->mac, tll)) {
1318 ovs_be16 *csum = &(ns->icmph.icmp6_cksum);
1319
1320 *csum = recalc_csum48(*csum, opt->mac, tll);
1321 opt->mac = tll;
1322 }
1323
1324 /* A packet can only contain one SLL or TLL option */
1325 break;
1326 }
1327
1328 opt += opt->len;
1329 bytes_remain -= opt->len * ND_LLA_OPT_LEN;
1330 }
1331 }
1332
1333 const char *
1334 packet_tcp_flag_to_string(uint32_t flag)
1335 {
1336 switch (flag) {
1337 case TCP_FIN:
1338 return "fin";
1339 case TCP_SYN:
1340 return "syn";
1341 case TCP_RST:
1342 return "rst";
1343 case TCP_PSH:
1344 return "psh";
1345 case TCP_ACK:
1346 return "ack";
1347 case TCP_URG:
1348 return "urg";
1349 case TCP_ECE:
1350 return "ece";
1351 case TCP_CWR:
1352 return "cwr";
1353 case TCP_NS:
1354 return "ns";
1355 case 0x200:
1356 return "[200]";
1357 case 0x400:
1358 return "[400]";
1359 case 0x800:
1360 return "[800]";
1361 default:
1362 return NULL;
1363 }
1364 }
1365
1366 /* Appends a string representation of the TCP flags value 'tcp_flags'
1367 * (e.g. from struct flow.tcp_flags or obtained via TCP_FLAGS) to 's', in the
1368 * format used by tcpdump. */
1369 void
1370 packet_format_tcp_flags(struct ds *s, uint16_t tcp_flags)
1371 {
1372 if (!tcp_flags) {
1373 ds_put_cstr(s, "none");
1374 return;
1375 }
1376
1377 if (tcp_flags & TCP_SYN) {
1378 ds_put_char(s, 'S');
1379 }
1380 if (tcp_flags & TCP_FIN) {
1381 ds_put_char(s, 'F');
1382 }
1383 if (tcp_flags & TCP_PSH) {
1384 ds_put_char(s, 'P');
1385 }
1386 if (tcp_flags & TCP_RST) {
1387 ds_put_char(s, 'R');
1388 }
1389 if (tcp_flags & TCP_URG) {
1390 ds_put_char(s, 'U');
1391 }
1392 if (tcp_flags & TCP_ACK) {
1393 ds_put_char(s, '.');
1394 }
1395 if (tcp_flags & TCP_ECE) {
1396 ds_put_cstr(s, "E");
1397 }
1398 if (tcp_flags & TCP_CWR) {
1399 ds_put_cstr(s, "C");
1400 }
1401 if (tcp_flags & TCP_NS) {
1402 ds_put_cstr(s, "N");
1403 }
1404 if (tcp_flags & 0x200) {
1405 ds_put_cstr(s, "[200]");
1406 }
1407 if (tcp_flags & 0x400) {
1408 ds_put_cstr(s, "[400]");
1409 }
1410 if (tcp_flags & 0x800) {
1411 ds_put_cstr(s, "[800]");
1412 }
1413 }
1414
1415 #define ARP_PACKET_SIZE (2 + ETH_HEADER_LEN + VLAN_HEADER_LEN + \
1416 ARP_ETH_HEADER_LEN)
1417
1418 /* Clears 'b' and replaces its contents by an ARP frame with the specified
1419 * 'arp_op', 'arp_sha', 'arp_tha', 'arp_spa', and 'arp_tpa'. The outer
1420 * Ethernet frame is initialized with Ethernet source 'arp_sha' and destination
1421 * 'arp_tha', except that destination ff:ff:ff:ff:ff:ff is used instead if
1422 * 'broadcast' is true. Points the L3 header to the ARP header. */
1423 void
1424 compose_arp(struct dp_packet *b, uint16_t arp_op,
1425 const struct eth_addr arp_sha, const struct eth_addr arp_tha,
1426 bool broadcast, ovs_be32 arp_spa, ovs_be32 arp_tpa)
1427 {
1428 compose_arp__(b);
1429
1430 struct eth_header *eth = dp_packet_eth(b);
1431 eth->eth_dst = broadcast ? eth_addr_broadcast : arp_tha;
1432 eth->eth_src = arp_sha;
1433
1434 struct arp_eth_header *arp = dp_packet_l3(b);
1435 arp->ar_op = htons(arp_op);
1436 arp->ar_sha = arp_sha;
1437 arp->ar_tha = arp_tha;
1438 put_16aligned_be32(&arp->ar_spa, arp_spa);
1439 put_16aligned_be32(&arp->ar_tpa, arp_tpa);
1440 }
1441
1442 /* Clears 'b' and replaces its contents by an ARP frame. Sets the fields in
1443 * the Ethernet and ARP headers that are fixed for ARP frames to those fixed
1444 * values, and zeroes the other fields. Points the L3 header to the ARP
1445 * header. */
1446 void
1447 compose_arp__(struct dp_packet *b)
1448 {
1449 dp_packet_clear(b);
1450 dp_packet_prealloc_tailroom(b, ARP_PACKET_SIZE);
1451 dp_packet_reserve(b, 2 + VLAN_HEADER_LEN);
1452
1453 struct eth_header *eth = dp_packet_put_zeros(b, sizeof *eth);
1454 eth->eth_type = htons(ETH_TYPE_ARP);
1455
1456 struct arp_eth_header *arp = dp_packet_put_zeros(b, sizeof *arp);
1457 arp->ar_hrd = htons(ARP_HRD_ETHERNET);
1458 arp->ar_pro = htons(ARP_PRO_IP);
1459 arp->ar_hln = sizeof arp->ar_sha;
1460 arp->ar_pln = sizeof arp->ar_spa;
1461
1462 dp_packet_reset_offsets(b);
1463 dp_packet_set_l3(b, arp);
1464
1465 b->packet_type = htonl(PT_ETH);
1466 }
1467
1468 /* This function expects packet with ethernet header with correct
1469 * l3 pointer set. */
1470 static void *
1471 compose_ipv6(struct dp_packet *packet, uint8_t proto,
1472 const struct in6_addr *src, const struct in6_addr *dst,
1473 uint8_t key_tc, ovs_be32 key_fl, uint8_t key_hl, int size)
1474 {
1475 struct ip6_hdr *nh;
1476 void *data;
1477
1478 nh = dp_packet_l3(packet);
1479 nh->ip6_vfc = 0x60;
1480 nh->ip6_nxt = proto;
1481 nh->ip6_plen = htons(size);
1482 data = dp_packet_put_zeros(packet, size);
1483 dp_packet_set_l4(packet, data);
1484 packet_set_ipv6(packet, src, dst, key_tc, key_fl, key_hl);
1485 return data;
1486 }
1487
1488 /* Compose an IPv6 Neighbor Discovery Neighbor Solicitation message. */
1489 void
1490 compose_nd_ns(struct dp_packet *b, const struct eth_addr eth_src,
1491 const struct in6_addr *ipv6_src, const struct in6_addr *ipv6_dst)
1492 {
1493 struct in6_addr sn_addr;
1494 struct eth_addr eth_dst;
1495 struct ovs_nd_msg *ns;
1496 struct ovs_nd_lla_opt *lla_opt;
1497 uint32_t icmp_csum;
1498
1499 in6_addr_solicited_node(&sn_addr, ipv6_dst);
1500 ipv6_multicast_to_ethernet(&eth_dst, &sn_addr);
1501
1502 eth_compose(b, eth_dst, eth_src, ETH_TYPE_IPV6, IPV6_HEADER_LEN);
1503 ns = compose_ipv6(b, IPPROTO_ICMPV6, ipv6_src, &sn_addr,
1504 0, 0, 255, ND_MSG_LEN + ND_LLA_OPT_LEN);
1505
1506 ns->icmph.icmp6_type = ND_NEIGHBOR_SOLICIT;
1507 ns->icmph.icmp6_code = 0;
1508 put_16aligned_be32(&ns->rso_flags, htonl(0));
1509
1510 lla_opt = &ns->options[0];
1511 lla_opt->type = ND_OPT_SOURCE_LINKADDR;
1512 lla_opt->len = 1;
1513
1514 packet_set_nd(b, ipv6_dst, eth_src, eth_addr_zero);
1515
1516 ns->icmph.icmp6_cksum = 0;
1517 icmp_csum = packet_csum_pseudoheader6(dp_packet_l3(b));
1518 ns->icmph.icmp6_cksum = csum_finish(
1519 csum_continue(icmp_csum, ns, ND_MSG_LEN + ND_LLA_OPT_LEN));
1520 }
1521
1522 /* Compose an IPv6 Neighbor Discovery Neighbor Advertisement message. */
1523 void
1524 compose_nd_na(struct dp_packet *b,
1525 const struct eth_addr eth_src, const struct eth_addr eth_dst,
1526 const struct in6_addr *ipv6_src, const struct in6_addr *ipv6_dst,
1527 ovs_be32 rso_flags)
1528 {
1529 struct ovs_nd_msg *na;
1530 struct ovs_nd_lla_opt *lla_opt;
1531 uint32_t icmp_csum;
1532
1533 eth_compose(b, eth_dst, eth_src, ETH_TYPE_IPV6, IPV6_HEADER_LEN);
1534 na = compose_ipv6(b, IPPROTO_ICMPV6, ipv6_src, ipv6_dst,
1535 0, 0, 255, ND_MSG_LEN + ND_LLA_OPT_LEN);
1536
1537 na->icmph.icmp6_type = ND_NEIGHBOR_ADVERT;
1538 na->icmph.icmp6_code = 0;
1539 put_16aligned_be32(&na->rso_flags, rso_flags);
1540
1541 lla_opt = &na->options[0];
1542 lla_opt->type = ND_OPT_TARGET_LINKADDR;
1543 lla_opt->len = 1;
1544
1545 packet_set_nd(b, ipv6_src, eth_addr_zero, eth_src);
1546
1547 na->icmph.icmp6_cksum = 0;
1548 icmp_csum = packet_csum_pseudoheader6(dp_packet_l3(b));
1549 na->icmph.icmp6_cksum = csum_finish(csum_continue(
1550 icmp_csum, na, ND_MSG_LEN + ND_LLA_OPT_LEN));
1551 }
1552
1553 /* Compose an IPv6 Neighbor Discovery Router Advertisement message with
1554 * Source Link-layer Address Option and MTU Option.
1555 * Caller can call packet_put_ra_prefix_opt to append Prefix Information
1556 * Options to composed messags in 'b'. */
1557 void
1558 compose_nd_ra(struct dp_packet *b,
1559 const struct eth_addr eth_src, const struct eth_addr eth_dst,
1560 const struct in6_addr *ipv6_src, const struct in6_addr *ipv6_dst,
1561 uint8_t cur_hop_limit, uint8_t mo_flags,
1562 ovs_be16 router_lt, ovs_be32 reachable_time,
1563 ovs_be32 retrans_timer, uint32_t mtu)
1564 {
1565 /* Don't compose Router Advertisement packet with MTU Option if mtu
1566 * value is 0. */
1567 bool with_mtu = mtu != 0;
1568 size_t mtu_opt_len = with_mtu ? ND_MTU_OPT_LEN : 0;
1569
1570 eth_compose(b, eth_dst, eth_src, ETH_TYPE_IPV6, IPV6_HEADER_LEN);
1571
1572 struct ovs_ra_msg *ra = compose_ipv6(
1573 b, IPPROTO_ICMPV6, ipv6_src, ipv6_dst, 0, 0, 255,
1574 RA_MSG_LEN + ND_LLA_OPT_LEN + mtu_opt_len);
1575 ra->icmph.icmp6_type = ND_ROUTER_ADVERT;
1576 ra->icmph.icmp6_code = 0;
1577 ra->cur_hop_limit = cur_hop_limit;
1578 ra->mo_flags = mo_flags;
1579 ra->router_lifetime = router_lt;
1580 ra->reachable_time = reachable_time;
1581 ra->retrans_timer = retrans_timer;
1582
1583 struct ovs_nd_lla_opt *lla_opt = ra->options;
1584 lla_opt->type = ND_OPT_SOURCE_LINKADDR;
1585 lla_opt->len = 1;
1586 lla_opt->mac = eth_src;
1587
1588 if (with_mtu) {
1589 /* ovs_nd_mtu_opt has the same size with ovs_nd_lla_opt. */
1590 struct ovs_nd_mtu_opt *mtu_opt
1591 = (struct ovs_nd_mtu_opt *)(lla_opt + 1);
1592 mtu_opt->type = ND_OPT_MTU;
1593 mtu_opt->len = 1;
1594 mtu_opt->reserved = 0;
1595 put_16aligned_be32(&mtu_opt->mtu, htonl(mtu));
1596 }
1597
1598 ra->icmph.icmp6_cksum = 0;
1599 uint32_t icmp_csum = packet_csum_pseudoheader6(dp_packet_l3(b));
1600 ra->icmph.icmp6_cksum = csum_finish(csum_continue(
1601 icmp_csum, ra, RA_MSG_LEN + ND_LLA_OPT_LEN + mtu_opt_len));
1602 }
1603
1604 /* Append an IPv6 Neighbor Discovery Prefix Information option to a
1605 * Router Advertisement message. */
1606 void
1607 packet_put_ra_prefix_opt(struct dp_packet *b,
1608 uint8_t plen, uint8_t la_flags,
1609 ovs_be32 valid_lifetime, ovs_be32 preferred_lifetime,
1610 const ovs_be128 prefix)
1611 {
1612 size_t prev_l4_size = dp_packet_l4_size(b);
1613 struct ip6_hdr *nh = dp_packet_l3(b);
1614 nh->ip6_plen = htons(prev_l4_size + ND_PREFIX_OPT_LEN);
1615
1616 struct ovs_ra_msg *ra = dp_packet_l4(b);
1617 struct ovs_nd_prefix_opt *prefix_opt =
1618 dp_packet_put_uninit(b, sizeof *prefix_opt);
1619 prefix_opt->type = ND_OPT_PREFIX_INFORMATION;
1620 prefix_opt->len = 4;
1621 prefix_opt->prefix_len = plen;
1622 prefix_opt->la_flags = la_flags;
1623 put_16aligned_be32(&prefix_opt->valid_lifetime, valid_lifetime);
1624 put_16aligned_be32(&prefix_opt->preferred_lifetime, preferred_lifetime);
1625 put_16aligned_be32(&prefix_opt->reserved, 0);
1626 memcpy(prefix_opt->prefix.be32, prefix.be32, sizeof(ovs_be32[4]));
1627
1628 ra->icmph.icmp6_cksum = 0;
1629 uint32_t icmp_csum = packet_csum_pseudoheader6(dp_packet_l3(b));
1630 ra->icmph.icmp6_cksum = csum_finish(csum_continue(
1631 icmp_csum, ra, prev_l4_size + ND_PREFIX_OPT_LEN));
1632 }
1633
1634 uint32_t
1635 packet_csum_pseudoheader(const struct ip_header *ip)
1636 {
1637 uint32_t partial = 0;
1638
1639 partial = csum_add32(partial, get_16aligned_be32(&ip->ip_src));
1640 partial = csum_add32(partial, get_16aligned_be32(&ip->ip_dst));
1641 partial = csum_add16(partial, htons(ip->ip_proto));
1642 partial = csum_add16(partial, htons(ntohs(ip->ip_tot_len) -
1643 IP_IHL(ip->ip_ihl_ver) * 4));
1644
1645 return partial;
1646 }
1647
1648 #ifndef __CHECKER__
1649 uint32_t
1650 packet_csum_pseudoheader6(const struct ovs_16aligned_ip6_hdr *ip6)
1651 {
1652 uint32_t partial = 0;
1653
1654 partial = csum_continue(partial, &ip6->ip6_src, sizeof ip6->ip6_src);
1655 partial = csum_continue(partial, &ip6->ip6_dst, sizeof ip6->ip6_dst);
1656 partial = csum_add16(partial, htons(ip6->ip6_nxt));
1657 partial = csum_add16(partial, ip6->ip6_plen);
1658
1659 return partial;
1660 }
1661
1662 /* Calculate the IPv6 upper layer checksum according to RFC2460. We pass the
1663 ip6_nxt and ip6_plen values, so it will also work if extension headers
1664 are present. */
1665 uint16_t
1666 packet_csum_upperlayer6(const struct ovs_16aligned_ip6_hdr *ip6,
1667 const void *data, uint8_t l4_protocol,
1668 uint16_t l4_size)
1669 {
1670 uint32_t partial = 0;
1671
1672 partial = csum_continue(partial, &ip6->ip6_src, sizeof ip6->ip6_src);
1673 partial = csum_continue(partial, &ip6->ip6_dst, sizeof ip6->ip6_dst);
1674 partial = csum_add16(partial, htons(l4_protocol));
1675 partial = csum_add16(partial, htons(l4_size));
1676
1677 partial = csum_continue(partial, data, l4_size);
1678
1679 return csum_finish(partial);
1680 }
1681 #endif
1682
1683 void
1684 IP_ECN_set_ce(struct dp_packet *pkt, bool is_ipv6)
1685 {
1686 if (is_ipv6) {
1687 ovs_16aligned_be32 *ip6 = dp_packet_l3(pkt);
1688
1689 put_16aligned_be32(ip6, get_16aligned_be32(ip6) |
1690 htonl(IP_ECN_CE << 20));
1691 } else {
1692 struct ip_header *nh = dp_packet_l3(pkt);
1693 uint8_t tos = nh->ip_tos;
1694
1695 tos |= IP_ECN_CE;
1696 if (nh->ip_tos != tos) {
1697 nh->ip_csum = recalc_csum16(nh->ip_csum, htons(nh->ip_tos),
1698 htons((uint16_t) tos));
1699 nh->ip_tos = tos;
1700 }
1701 }
1702 }
openvswitch packages for PVE